Rate Limits Applied to /userinfo From server-side Calls

Problem Statement:

How are rate limits on /userinfo enforced when calls are made server-side from the same IP address on behalf of one or more users?


/userinfo is limited by user ID, not by IP address.

This means you can make up to 5 requests per minute with bursts of up to 10 requests for each user ID that you query.

We still recommend using the rate limit response headers to throttle responses accordingly.